SAINT CorporationSAINT:84B76BEBF8D41AD219C282F145597AC4Microsoft Excel Substream Parsing Integer Overflow
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
99.6%
Added: 11/08/2011
CVE: CVE-2011-0097
OSVDB: 71758
Background
Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms.
Problem
Microsoft Excel 2007 versions lacking the patch (KB2464583) detailed in Microsoft Security Advisory MS11-021 contain an integer overflow vulnerability when parsing data included in a **400h** substream. An attacker who entices a user to open a specially formatted Excel document may be able to execute arbitrary code on the userβs system.
Resolution
Apply the patch outlined in Microsoft Security Advisory MS11-021.
References
<http://technet.microsoft.com/en-us/security/bulletin/MS11-021>
<http://secunia.com/advisories/39122/>
Limitations
Exploit works on Microsoft Excel 2007 SP2.
This exploit requires the Compress-Zlib PERL module, which is available from cpan.org.
Platforms
Windows XP
Windows 7
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
99.6%